<?php
namespace Admin\Controller;
use Think\Controller;
class SystemController extends Controller
{

    //登录页面
    public function login() {
        if (IS_POST) {
            $name = I('post.username');
            $pwd = I('post.password');

            $MODEL = M('admin');
            $where['username'] = $name;
            $where['password'] = md5($pwd);
            $data = $MODEL->field('id,username,type')->where($where)->find();
            if ($data) {
                $MODEL->where('id='.$data['id'])->save(array('login_time'=>time()));
                $_SESSION['admin_username'] = $name;
                //写入session
                session(C("USER_AUTH_KEY"), $data["id"]);
                session("username", $data["username"]);
                session("logintime", $data["logintime"]);
                session("admin_id", $data["id"]);
                session('type',$data['type']);
                //如果为超级管理员，则无需验证
                if($name == C('ADMIN_AUTH_KEY')){
                    session(C('ADMIN_AUTH_KEY'),$name);
                }else{
                    \Org\Util\Rbac::saveAccessList($data['id']);
                }
                $this->redirect('Index/index');
            }else {
                $this->error('密码账户不匹配','login');
            }
        }
        $this->display();
    }
    //退出账户
    public function login_out() {
        session(null);
        $this->redirect('System/login');
    }
}
